Commit Graph

630 Commits

Author SHA1 Message Date
Paul Bakker
1a0f552030 - Fixed test for 'trust extension' change 2012-09-25 21:53:55 +00:00
Paul Bakker
b00ca42f2a - Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob 2012-09-25 12:10:00 +00:00
Paul Bakker
4811b56524 - Added util/CMakelists.txt 2012-09-25 11:45:38 +00:00
Paul Bakker
29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker
b60b95fd7f - Added first version of ssl_server2 example application 2012-09-25 09:05:17 +00:00
Paul Bakker
995a215eac - Added credits 2012-09-25 08:19:56 +00:00
Paul Bakker
0f409a1911 - Added missing subdirectory line for util 2012-09-25 08:19:18 +00:00
Paul Bakker
d0f6fa7bdc - Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker
17a9790918 - Added regression check for latest mpi_add_abs() issue 2012-09-17 08:44:35 +00:00
Paul Bakker
d4c2bd79fe - Added bug 2012-09-16 21:35:30 +00:00
Paul Bakker
2d319fdfcb - Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover. 2012-09-16 21:34:26 +00:00
Paul Bakker
48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker
b5b20f19e7 - Extra sanity check for input added 2012-09-16 15:07:49 +00:00
Paul Bakker
0c93d126bc - Ability to define openssl at top
- Also add SHA256 ciphersuites in non-tls 1.2 modes
2012-09-13 14:26:09 +00:00
Paul Bakker
5f70b25c9b - Correctly handle SHA256 ciphersuites in SSLv3
- Moved ssl3_prf to separate function (no exceptions)
2012-09-13 14:23:06 +00:00
Paul Bakker
ec636f3bdd - Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation) 2012-09-09 19:17:02 +00:00
Paul Bakker
68b6d88f5e - Clear all memory 2012-09-08 14:04:13 +00:00
Paul Bakker
94a6796179 - Correctly handle MS certificate's key usage bits 2012-08-23 13:03:52 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
535e97dbab - Better checking for reading over buffer boundaries
- Zeroize altSubjectName chain memory before use
2012-08-23 10:49:55 +00:00
Paul Bakker
9195662a4c - Added test for no-subject certificates with altSubjectNames 2012-08-23 10:46:54 +00:00
Paul Bakker
894dece46c - Cleaner return value (for C++) 2012-08-23 08:34:32 +00:00
Paul Bakker
b68cad6cc7 - Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
2012-08-23 08:34:18 +00:00
Paul Bakker
835b29e7c3 - Should not be debug_level 5 in repo (reset to 0) 2012-08-23 08:31:59 +00:00
Paul Bakker
bb51f0cb3d - Only include md.h if needed by POLARSSL_PKCS1_V21 2012-08-23 07:46:58 +00:00
Paul Bakker
6a2f857b08 - Added DragonflyBSD support 2012-08-23 07:45:37 +00:00
Paul Bakker
3c16db9a10 - Fixed potential memory zeroization on miscrafted RSA key 2012-07-05 13:58:08 +00:00
Paul Bakker
5552c8c0b3 - Updated documentation 2012-07-05 13:31:54 +00:00
Paul Bakker
3d58fe8af6 - Added Blowfish to benchmarks 2012-07-04 17:15:31 +00:00
Paul Bakker
6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker
26c4e3cb0b - Made crypt_and_cipher more robust with other ciphers / hashes 2012-07-04 17:08:33 +00:00
Paul Bakker
83f00bba9c - Updated strerror codes for SSL Compression and Blowfish 2012-07-04 11:08:50 +00:00
Paul Bakker
a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker
92eeea4627 - Modified CMakeLists to support zlib 2012-07-03 15:10:33 +00:00
Paul Bakker
2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker
4f9a7bb7fd - Added Thumb assembly optimizations 2012-07-02 08:36:36 +00:00
Paul Bakker
cefb396a77 - Handle empty certificate subject names 2012-06-27 11:51:09 +00:00
Paul Bakker
e4791f3936 - Bugfix for Windows in cert path handling 2012-06-04 21:29:15 +00:00
Paul Bakker
67820bd38e - Only include padlock header when POLARSSL_PADLOCK_C is defined 2012-06-04 12:47:23 +00:00
Paul Bakker
8d914583f3 - Added X509 CA Path support 2012-06-04 12:46:42 +00:00
Paul Bakker
e6ee41f932 - Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
2012-05-19 08:43:48 +00:00
Paul Bakker
50546921ac - Moved to prevent uninitialized exit var 2012-05-19 08:40:49 +00:00
Paul Bakker
4248823f43 - Updated to handle x509parse_crtfile() positive return values 2012-05-16 08:21:05 +00:00
Paul Bakker
f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker
5b37784f6d - Updated with tickets 2012-05-16 07:57:36 +00:00
Paul Bakker
40dd5303c2 - Fixed test on Big Endian systems (Fixed Ticket #54) 2012-05-15 15:02:38 +00:00
Paul Bakker
2a5c7a87af - Add Windows required library 2012-05-10 21:54:28 +00:00
Paul Bakker
62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker
cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker
4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00